# create new
[DEFAULT]
osapi_compute_listen = 127.0.0.1
osapi_compute_listen_port = 8774
metadata_listen = 127.0.0.1
metadata_listen_port = 8775
state_path = /var/lib/nova
enabled_apis = osapi_compute,metadata
log_dir = /var/log/nova
# RabbitMQ connection info
transport_url = rabbit://openstack:{{ service_password }}@{{ inventory_hostname }}:5672
vif_plugging_is_fatal = True
vif_plugging_timeout = 300

[api]
auth_strategy = keystone

[vnc]
server_listen = {{ inventory_hostname }}
server_proxyclient_address = {{ inventory_hostname }}
enabled = True
novncproxy_host = 127.0.0.1
novncproxy_port = 6080
novncproxy_base_url = https://{{ inventory_hostname }}:6080/vnc_auto.html

# Glance connection info
[glance]
api_servers = https://{{ inventory_hostname }}:9292

[oslo_concurrency]
lock_path = $state_path/tmp

# MariaDB connection info
[api_database]
connection = mysql+pymysql://nova:{{ service_password }}@{{ inventory_hostname }}:3306/nova_api

[database]
connection = mysql+pymysql://nova:{{ service_password }}@{{ inventory_hostname }}:3306/nova

# Keystone auth info
[keystone_authtoken]
www_authenticate_uri = https://{{ inventory_hostname }}:5000
auth_url = https://{{ inventory_hostname }}:5000
memcached_servers = {{ inventory_hostname }}:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = {{ service_password }}
# if using self-signed certs on Apache2 Keystone, turn to [true]
insecure = true

service_token_roles = service
service_token_roles_required = true

[placement]
auth_url = https://{{ inventory_hostname }}:5000
os_region_name = RegionOne
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = placement
password = {{ service_password }}
# if using self-signed certs on Apache2 Keystone, turn to [true]
insecure = true

[wsgi]
api_paste_config = /etc/nova/api-paste.ini

[oslo_policy]
enforce_new_defaults = true

[neutron]
auth_url = https://{{ inventory_hostname }}:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = {{ service_password }}
service_metadata_proxy = True
metadata_proxy_shared_secret = {{ service_password }}
insecure = true

[scheduler]
discover_hosts_in_cells_interval = 60

# add to the end
[service_user]
send_service_user_token = true
auth_url = https://{{ inventory_hostname }}:5000
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = {{ service_password }}
insecure = true

[cinder]
os_region_name = RegionOne
